Merge pull request #2789 from port-labs/feat_update_gitlab_with_visibility_config

hadar-co · web-flow · commit fc735743b56b · 2025-09-09T15:40:10.000+03:00
Add access control section to GitLab integration documentation
diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md
@@ -118,7 +118,17 @@ resources:
 
 </details>
 
+## Access control
 
+The GitLab integration supports configurable access control to determine which resources are visible and accessible to the integration.
+
+You can configure access control using the `visibility` configuration block in the integration mapping. 
+
+This allows you to filter resources based on GitLab access levels (Guest, Reporter, Developer, Maintainer, Owner). You can also disable access level filtering entirely to include all accessible resources.
+
+:::tip Access control configuration
+For detailed configuration options, access level reference, and practical examples, see the [Advanced configuration](./advanced.md#access-control) section.
+:::
 
 ## Capabilities
 
diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md
@@ -59,4 +59,67 @@ The `createMissingRelatedEntities` parameter enables automatic creation of place
 
 </TabItem>
 
+<TabItem value="accessControl" label="Access control">
+
+The `visibility` configuration allows you to control which GitLab resources are accessible to the integration based on access levels.
+
+<h3>Access levels</h3>
+
+GitLab uses numeric access levels to define permissions:
+
+| Level | Role | Description |
+|-------|------|-------------|
+| 10 | Guest | Read-only access to public resources |
+| 20 | Reporter | Can view and download code |
+| 30 | Developer | Can push code and manage issues |
+| 40 | Maintainer | Can manage project settings |
+| 50 | Owner | Full administrative access |
+
+<h3>Parameters</h3>
+
+- **`useMinAccessLevel`**: Boolean flag to enable/disable access level filtering
+  - **Default value**: `true`
+  - **Use case**: Set to `false` to include all accessible resources without filtering
+
+- **`minAccessLevel`**: Integer specifying the minimal required access level
+  - **Default value**: `30` (Developer)
+  - **Use case**: Restrict integration to resources where the token has the specified access level or higher
+
+<h3>Configuration examples</h3>
+
+```yaml showLineNumbers
+# Only sync owned projects
+visibility:
+  useMinAccessLevel: true
+  minAccessLevel: 50
+resources:
+  - kind: project
+    selector:
+      query: 'true'
+    port:
+      entity:
+        mappings:
+          identifier: .path_with_namespace | gsub(" "; "")
+          title: .name
+          blueprint: '"service"'
+```
+
+```yaml showLineNumbers
+# Include all accessible resources
+visibility:
+  useMinAccessLevel: false
+resources:
+  - kind: project
+    selector:
+      query: 'true'
+    port:
+      entity:
+        mappings:
+          identifier: .path_with_namespace | gsub(" "; "")
+          title: .name
+          blueprint: '"service"'
+```
+
+</TabItem>
+
 </Tabs>
